Website Traffic And Hacks

A couple of months ago one of the sites I run was hacked via a nasty hole in a plugin that it was using. It took quite a bit of work to find the source of the issue and resolve it once and for all.

Once the hole had been plugged properly the traffic levels returned to normal.

But it's only when you have a reasonable amount of data that you can really see how much impact this kind of issue actually can have on a site's traffic.

Here's what a longer period looks like:

Unfortunately other sites that I run have had issues over the last few months. Some were defaced, others had nasty junk inserted - the list goes on and on.

The key lesson to be learnt from all this is to keep a close eye on your Google Analytics (or whatever you are using)

If you see a dip in traffic overnight it might be caused by Google changing their search algorithms, but it could just as easily be due to something hijacking your traffic or inserting some junk into your site's code.

If you're using WordPress make sure to remove any themes or plugins that you aren't using. If they're not installed they can't be compromised.

Keep an eye on Google Webmaster Tools and make sure all your sites are registered there (I discovered that one of mine wasn't which made removing it from their "bad" list that bit harder)

Keep your WordPress (and other CMS) software installs up to date. Make sure that the themes you are using are up to date as well - a lot of them won't "tell you" when an update has been released, so you'll need to check manually.

Related Posts:

, , , , ,

6 Responses to Website Traffic And Hacks

  1. Rodolfo July 24, 2012 at 3:36 pm #

    Ciao Michele, would you feel like publishing the name of that plugin?

    Everytime I install a new, free WP plugin I always get very worried in terms of possible malware/nasty holes.

    Website security is probably going to be the biggest issue of the next few years… and that’s quite scary for web designers!

  2. Michele July 24, 2012 at 3:47 pm #


    What plugin?


  3. Rodolfo July 24, 2012 at 3:50 pm #

    You said “A couple of months ago one of the sites I run was hacked via a nasty hole in a plugin that it was using”?

  4. Michele July 24, 2012 at 3:52 pm #

    Yes, but it had nothing to do with WordPress

  5. Rodolfo July 24, 2012 at 3:59 pm #

    Ok, cool, one less thing to worry about 🙂

  6. Michele July 24, 2012 at 7:38 pm #


    For WordPress there are a couple of big things to be aware of
    The single biggest headache I’ve seen in the last 18 months or so was caused by TimThumb. There’s a couple of plugins out there that will scan your entire WP install for any instances of it and warn you if they need to be upgraded, which is very very useful.

    The other things to be careful with are themes / plugins that you aren’t using. While the plugins might get updated automatically a lot of the 3rd party themes won’t and you won’t know if there’s a security hole with them 🙁

Leave a Reply

Notify me of followup comments via e-mail. You can also subscribe without commenting.

Powered by WordPress. Designed by WooThemes